internal AcceptorI(EndpointI endpoint, Instance instance, string adapterName, string host, int port)
{
_endpoint = endpoint;
_instance = instance;
_adapterName = adapterName;
_backlog = instance.properties().getPropertyAsIntWithDefault("Ice.TCP.Backlog", 511);
//
// .NET requires that a certificate be supplied.
//
X509Certificate2Collection certs = instance.certs();
if (certs.Count == 0)
{
Ice.SecurityException ex = new Ice.SecurityException();
ex.reason = "IceSSL: certificate required for server endpoint";
throw ex;
}
try
{
int protocol = instance.protocolSupport();
_addr = IceInternal.Network.getAddressForServer(host, port, protocol, instance.preferIPv6()) as
IPEndPoint;
_fd = IceInternal.Network.createServerSocket(false, _addr.AddressFamily, protocol);
IceInternal.Network.setBlock(_fd, false);
IceInternal.Network.setTcpBufSize(_fd, _instance);
if (IceInternal.AssemblyUtil.platform_ != IceInternal.AssemblyUtil.Platform.Windows)
{
//
// Enable SO_REUSEADDR on Unix platforms to allow
// re-using the socket even if it's in the TIME_WAIT
// state. On Windows, this doesn't appear to be
// necessary and enabling SO_REUSEADDR would actually
// not be a good thing since it allows a second
// process to bind to an address even it's already
// bound by another process.
//
// TODO: using SO_EXCLUSIVEADDRUSE on Windows would
// probably be better but it's only supported by recent
// Windows versions (XP SP2, Windows Server 2003).
//
IceInternal.Network.setReuseAddress(_fd, true);
}
}
catch (System.Exception)
{
_fd = null;
throw;
}
}
internal AcceptorI(EndpointI endpoint, Instance instance, string adapterName, string host, int port)
{
_endpoint = endpoint;
_instance = instance;
_adapterName = adapterName;
_backlog = instance.properties().getPropertyAsIntWithDefault("Ice.TCP.Backlog", 511);
//
// .NET requires that a certificate be supplied.
//
X509Certificate2Collection certs = instance.certs();
if(certs.Count == 0)
{
Ice.SecurityException ex = new Ice.SecurityException();
ex.reason = "IceSSL: certificate required for server endpoint";
throw ex;
}
try
{
int protocol = instance.protocolSupport();
_addr = IceInternal.Network.getAddressForServer(host, port, protocol, instance.preferIPv6()) as
IPEndPoint;
_fd = IceInternal.Network.createServerSocket(false, _addr.AddressFamily, protocol);
IceInternal.Network.setBlock(_fd, false);
IceInternal.Network.setTcpBufSize(_fd, _instance);
if(IceInternal.AssemblyUtil.platform_ != IceInternal.AssemblyUtil.Platform.Windows)
{
//
// Enable SO_REUSEADDR on Unix platforms to allow
// re-using the socket even if it's in the TIME_WAIT
// state. On Windows, this doesn't appear to be
// necessary and enabling SO_REUSEADDR would actually
// not be a good thing since it allows a second
// process to bind to an address even it's already
// bound by another process.
//
// TODO: using SO_EXCLUSIVEADDRUSE on Windows would
// probably be better but it's only supported by recent
// Windows versions (XP SP2, Windows Server 2003).
//
IceInternal.Network.setReuseAddress(_fd, true);
}
}
catch(System.Exception)
{
_fd = null;
throw;
}
}
//
// Only for use by ConnectorI, AcceptorI.
//
internal TransceiverI(Instance instance, IceInternal.Transceiver del, string hostOrAdapterName, bool incoming)
{
_instance = instance;
_delegate = del;
_incoming = incoming;
if (_incoming)
{
_adapterName = hostOrAdapterName;
}
else
{
_host = hostOrAdapterName;
}
_sslStream = null;
_verifyPeer = _instance.properties().getPropertyAsIntWithDefault("IceSSL.VerifyPeer", 2);
}
//
// Only for use by ConnectorI, AcceptorI.
//
internal TransceiverI(Instance instance, IceInternal.StreamSocket stream, string hostOrAdapterName, bool incoming)
{
_instance = instance;
_stream = stream;
_incoming = incoming;
if (_incoming)
{
_adapterName = hostOrAdapterName;
}
else
{
_host = hostOrAdapterName;
}
_sslStream = null;
_verifyPeer = _instance.properties().getPropertyAsIntWithDefault("IceSSL.VerifyPeer", 2);
_chain = new X509Chain(_instance.engine().useMachineContext());
if (_instance.checkCRL() == 0)
{
_chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
}
X509Certificate2Collection caCerts = _instance.engine().caCerts();
if (caCerts != null)
{
#if !UNITY
//
// We need to set this flag to be able to use a certificate authority from the extra store.
//
_chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
#endif
foreach (X509Certificate2 cert in caCerts)
{
_chain.ChainPolicy.ExtraStore.Add(cert);
}
}
}
//
// Only for use by ConnectorI, AcceptorI.
//
internal TransceiverI(Instance instance, IceInternal.StreamSocket stream, string hostOrAdapterName, bool incoming)
{
_instance = instance;
_stream = stream;
_incoming = incoming;
if(_incoming)
{
_adapterName = hostOrAdapterName;
}
else
{
_host = hostOrAdapterName;
}
_sslStream = null;
_verifyPeer = _instance.properties().getPropertyAsIntWithDefault("IceSSL.VerifyPeer", 2);
_chain = new X509Chain(_instance.engine().useMachineContext());
if(_instance.checkCRL() == 0)
{
_chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
}
X509Certificate2Collection caCerts = _instance.engine().caCerts();
if(caCerts != null)
{
#if !UNITY
//
// We need to set this flag to be able to use a certificate authority from the extra store.
//
_chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
#endif
foreach(X509Certificate2 cert in caCerts)
{
_chain.ChainPolicy.ExtraStore.Add(cert);
}
}
}